PUT Based CSRF via Client Side Path Traversal + Cookie Bomb on Acronis Cloud Acronis disclosed a bug submitted by mr-medi: https://hackerone.com/reports/1860380 - Bounty: $600 [Source]